I can't speak to the strength of the legal case being made, but I do think that the case has the potential to be very important.

The impression one might get from the BCCLA's statements is that all or most of the cross-border communications of Canadians are currently collected by CSEC. I believe that this is not this case, but we don't have any solid information as to what the actual percentage is or what it could be under the government's current interpretation of the law should it ever decide to expand such collection. This case might be very useful in clarifying where we stand.

Also, regardless of whether the percentage collected is large or small, I think it can still be argued that the Canadian communications that do get collected deserve better protection. Although it is difficult for technical reasons to demand that a judicial warrant be in place before the collection of any communication with one end in Canada, it might be possible to require that a judicial warrant be obtained before any communication subsequently determined to have one end in Canada is made available for analysis and use by the intelligence community.

Clarification of the degree of metadata collection about Canadians and the uses to which that data can be put could be even more important. We do not know the rules that govern the collection and use of domestic metadata by CSIS and other domestic security or law enforcement agencies. It could be the case that these agencies are able (or could be able with simple policy rather than legal changes) to obtain and use comprehensive metadata records without a judicial warrant, in which case CSEC would able to assist in data mining and network analysis of these records under its mandate (c). Even the more limited uses of metadata pertaining to CSEC's mandate (b) and mandate (a), information security and foreign intelligence respectively, could be highly intrusive. In the latter case, even if the metadata use were limited to some percentage of cross-border communications, the potential for invasion of privacy could be quite large.

It would be good to get a better understanding of the extent of the collection of this data and the uses to which it is being put and could be put under the government's interpretation of existing law, and to explore the degree to which the extent of collection and use of this data can be placed under judicial control.

For Canadians, the BCCLA lawsuit may seem to be one more episodic moment in our fitful concern with balancing civil liberties and security. But it is more than that. The lawsuit may force, where nothing else has, much greater transparency around intelligence practices adopted after 9/11.

It should also force a real debate over privacy protections. Should a government agency like CSEC be allowed to collect “metadata” (essentially data that describes telecommunications networks and activity rather than the content of communications themselves) regarding Canadians? Should CSEC, with ministerial authorization only, rather than with a warrant or other judicial approval, be allowed to retain, use and even share with other government departments and foreign allies, the private communications of Canadians?

The BCCLA lawsuit has shone a light in a dark corner. From it may come a greater appreciation of how to protect our identities and rights as citizens of cyberspace. And from it may come a better appreciation of the need, and necessary limits, of intelligence-gathering by democratic societies.